semmle-qlci
bea86e52fb
Merge pull request #275 from xiemaisi/js/workaround-for-nested-imports
...
Approved by asger-semmle
2018-10-04 08:25:52 +01:00
Max Schaefer
220fcb59bd
JavaScript: Add change note.
2018-10-03 13:08:31 +01:00
Max Schaefer
8b7bb8cecc
JavaScript: Add test case for type inference in the presence of non-toplevel imports.
2018-10-03 13:08:31 +01:00
Max Schaefer
db32dc2bdf
JavaScript: Generalise code that assumes imports only appear at the toplevel.
2018-10-03 13:08:31 +01:00
Max Schaefer
f05e777e64
JavaScript: Patch CFG to improve support for non-top level import declarations.
2018-10-03 13:08:31 +01:00
semmle-qlci
604ff232e2
Merge pull request #267 from xiemaisi/js/fix-deprecated-use
...
Approved by asger-semmle
2018-10-03 09:12:02 +01:00
semmle-qlci
e9adc63d91
Merge pull request #260 from xiemaisi/js/confusing-precedence
...
Approved by esben-semmle, mc-semmle
2018-10-03 09:07:18 +01:00
Jonas Jensen
4ad4b19911
Merge pull request #189 from geoffw0/wrongtypedef
...
CPP: Permit more typedefs in WrongTypeFormatArguments.ql
2018-10-03 09:40:06 +02:00
Max Schaefer
09aa04bf00
Merge pull request #268 from sjvs/fix-javascript-example
...
JavaScript: fix two examples based on LGTM.com alerts
2018-10-03 08:16:19 +01:00
Robert Marsh
d44761eaca
Merge pull request #269 from tosmolka/tosmolka/cpp/suspicious-call-to-memset
...
C++: support Decltype in suspicious-call-to-memset
2018-10-02 14:21:06 -07:00
Max Schaefer
425d2bfba7
Merge pull request #266 from esben-semmle/js/improve-dead-store-of-local
...
JS: support noop parentheses in js/useless-assignment-to-local
2018-10-02 16:19:56 +01:00
Tobias Smolka
51dcdeff59
C++: support Decltype in suspicious-call-to-memset
2018-10-02 16:47:04 +02:00
Bas van Schaik
c4eb6f0056
fix JS example based on LGTM.com alerts
...
1f7ef5b0d7/files/javascript/ql/src/Security/CWE-079/examples/StoredXssGood.js (x95b0280fcab9007a) :1
1f7ef5b0d7/files/javascript/ql/src/Security/CWE-079/examples/StoredXss.js (xaef03a63aa3e02e4) :1
2018-10-02 14:47:52 +01:00
Max Schaefer
c7b4238408
JavaScript: Fix use of deprecated predicate.
2018-10-02 12:12:59 +01:00
Max Schaefer
18a74a2163
Merge pull request #255 from Semmle/js/typo-in-query-help
...
JavaScript: Fix typo in query help.
2018-10-02 11:33:03 +01:00
semmle-qlci
b35f450b01
Merge pull request #162 from asger-semmle/partial-calls
...
Approved by esben-semmle, xiemaisi
2018-10-02 11:24:02 +01:00
Max Schaefer
768368498f
JavaScript: Introduce new query UnclearOperatorPrecedence.
2018-10-02 08:46:51 +01:00
Max Schaefer
a63b7fc215
JavaScript: Introduce new library predicate for computing whitespace around binary operators.
2018-10-02 08:46:11 +01:00
semmle-qlci
829a5cc451
Merge pull request #259 from asger-semmle/open-redirect-expr
...
Approved by xiemaisi
2018-10-02 08:32:48 +01:00
Max Schaefer
92afcd32f8
Merge pull request #241 from asger-semmle/host-header-forgery
...
JS: Add HostHeaderPoisoningInEmailGeneration query
2018-10-02 08:32:00 +01:00
Esben Sparre Andreasen
595fe217dd
JS: support noop parentheses in js/useless-assignment-to-local
...
The syntactic recognizer `isNullOrUndef` did not handle expressions
that were wrapped in parentheses.
This eliminates some results here:
https://lgtm.com/projects/g/vuejs/vue/alerts?mode=tree&ruleFocus=7900088
2018-10-02 09:31:32 +02:00
Arthur Baars
13ef492fc1
Merge pull request #258 from adityasharad/merge/1.18-master-011018
...
Merge rc/1.18 into master.
2018-10-01 18:36:16 +02:00
Max Schaefer
7518267281
Merge pull request #257 from xiemaisi/js/fix-DOMException-model
...
JavaScript: Update model of `DOMException`.
2018-10-01 17:12:50 +01:00
Asger F
9f07b1011d
JS: bugfix in server-side redirect query
2018-10-01 12:34:13 +01:00
Aditya Sharad
0882eb7bb3
Merge rc/1.18 into master.
2018-10-01 12:08:16 +01:00
Nick Rolfe
828d3cb138
Merge pull request #250 from adityasharad/version/1.18.1-dev
...
Version: Bump to 1.18.1 dev.
2018-10-01 10:59:52 +01:00
Asger F
d005d7127f
JS: address doc review
2018-10-01 10:58:38 +01:00
Max Schaefer
8cc7f5c242
JavaScript: Update model of DOMException.
...
cf. https://developer.mozilla.org/en-US/docs/Web/API/DOMException/DOMException
2018-10-01 08:50:53 +01:00
Max Schaefer
1ab943c16b
JavaScript: Fix typo in query help.
2018-10-01 08:04:45 +01:00
Jonas Jensen
9ffdf3b69e
Merge pull request #254 from dave-bartolomeo/dave/InstructionToString
...
C++: Make `Instruction.toString()` less expensive
2018-10-01 08:57:24 +02:00
Dave Bartolomeo
37091953dc
C++: Fix test expectations after rebase
2018-09-30 08:25:42 -07:00
Dave Bartolomeo
eb987d5da9
C++: Make Instruction.toString() less expensive
...
Previously, `Instruction.toString()` returned the same string that is used in IR dumps, which requires numbering all instructions and generating a unique string for each instruction. This is too expensive on large snapshots. I've moved the original code into the new `Instruction.getDumpString()`, and made `Instruction.toString()` just return the opcode plus `getAST().toString()`.
2018-09-30 08:22:15 -07:00
semmle-qlci
89183bd61b
Merge pull request #244 from aschackmull/java/typeflow-perf
...
Approved by yh-semmle
2018-09-29 01:08:15 +01:00
Jonas Jensen
16004facd9
Merge pull request #197 from rdmarsh2/rdmarsh/cpp/ir-guards
...
IR-based guards library
2018-09-28 21:14:08 +02:00
Aditya Sharad
1c71a856e1
Version: Bump to 1.18.1 dev.
2018-09-28 16:39:44 +01:00
Max Schaefer
b8b41a42fa
Merge pull request #248 from adityasharad/fix/eclipse-versions-1.18
...
Version: Fix C# and JavaScript Eclipse plugins for 1.18.
v1.18.0
2018-09-28 14:17:40 +01:00
Aditya Sharad
f5bd737ada
Version: Fix C# and JavaScript Eclipse plugins for 1.18.
2018-09-28 14:10:06 +01:00
Robert Marsh
93732d8b5a
C++: Combine IR guard tests into one ql file
...
This is motivated by test performance; IR compilation happens separately
for each test and takes a bit over a minute, so combining these 8 tests
saves about 10 minutes of test running.
2018-09-27 13:53:02 -07:00
Robert Marsh
b6cc6a3b23
C++: Fix BinaryLogicalOperators always being guards
2018-09-27 13:09:15 -07:00
Robert Marsh
f323fa1df8
C++: test changes from previous commit
...
The IR for the conversion to bool results in a comparison where the left
hand side is not the result of any expression in the AST, so they can't
be usefully converted back to the AST
2018-09-27 13:06:57 -07:00
Aditya Sharad
87271fb391
Merge pull request #234 from jbj/gitignore-vs
...
.gitignore everything under .vs in repo root dir
2018-09-27 17:54:56 +01:00
Asger F
e4c8653549
JS: Factor RequestHeaderAccess into separate class
2018-09-27 16:28:58 +01:00
ian-semmle
077ce6a4be
Merge pull request #242 from jbj/unresolveCheckResult
...
C++: Make unresolve dispatch on `result`
2018-09-27 14:59:34 +01:00
Aditya Sharad
1f9da28647
Merge pull request #243 from jbj/CommentedOutCode-join-fix
...
C++: Fix join order in CommentedOutCode
2018-09-27 14:59:13 +01:00
Anders Schack-Mulligen
b3dbb44e3a
Java: Improve performance of TypeFlow.
2018-09-27 15:39:26 +02:00
Jonas Jensen
19435e07a1
C++: Fix join order in CommentedOutCode
...
After the recent inlining of `unresolveElement`, the join order in
`CommentedOutCode` became a problem. The join orderer was tempted to
join the two `hasLocationInfo` calls first because they had one column
in common. With this commit, they have no columns in common. It follows
from the other predicates in the same file that this column would be the
same, so there is no need to assert it in this predicate and risk that
the join orderer uses that information.
On Wireshark, the `CommentBlock::hasLocationInfo` predicate goes from
taking 2m2s to taking 180ms. The query produces the same 7,448 alerts.
2018-09-27 14:07:13 +02:00
Jonas Jensen
0da452d59a
C++: Revert object-orientation of unresolveElement
...
The change to make `unresolveElement` a member predicate was helpful for
the optimiser when it dispatched on `this`, but now that it "dispatches"
on `result` it's just an unnecessary pollution of the `ElementBase`
namespace.
2018-09-27 13:25:30 +02:00
Jonas Jensen
c61b311682
C++: Make unresolve dispatch on result, not this
...
This change means that there are no results for `unresolveElement(t)`
where `t` is a "junk type" -- a class definition that is not in the
image of `resolveClass`. These "junk types" still exist as `Element`s,
but they will never be returned by any predicate that goes through
`unresolveElement` to query the db.
We get a small reduction in DIL size and a significant speed
improvement. The DIL for `NewArrayDeleteMismatch.ql` is reduced from
27,630 lines to 27,507 lines, and the total analysis time for the LGTM
suite on jdk8u is reduced from 1158s to 984s.
2018-09-27 13:23:11 +02:00
semmle-qlci
df4bd36b0f
Merge pull request #236 from aschackmull/xml-qll/use-concat
...
Approved by hvitved, xiemaisi, yh-semmle
2018-09-27 11:58:58 +01:00
Aditya Sharad
4767d85a96
Merge pull request #239 from ian-semmle/type_mention
...
C++: Update test output
2018-09-27 11:02:46 +01:00